FIPS Validated Key Management Protects Encryption Keys

Key management appliance provides certified, tamper-resistant protection for critical encryption keys

January 23, 2013

3 Min Read

PRESS RELEASE

Plantation, FL – January 22, 2013 – Thales, leader in information systems and communications security, announces that keyAuthority, a high-assurance enterprise key management solution, has successfully passed one of the most rigorous security test programs in the industry – FIPS 140-2 Level 3. This is the most widely recognized security benchmark for cryptographic devices around the world. Validation to FIPS 140-2 is a mandated requirement in many industry and government sectors and is a frequently stated best practice for any organization seeking to protect sensitive data.

Key facts:

• The Federal Information Processing Standards (FIPS) 140-2 validation scheme for cryptographic modules is jointly administered by the US National Institute of Standards and Technology (NIST) and the Canadian Communications Security Establishment (CSE).Testing is performed by certified independent test laboratories with validation ultimately being approved by NIST.

• The FIPS 140-2 scheme applies to a range of cryptographic devices including key managers and hardware security modules (HSMs) and supports multiple levels of validation that range from purely software based systems (Level 1) to fully hardened tamper resistant and tamper responsive systems that deliver significantly higher levels of assurance.

• Thales keyAuthority is a standards-based key management solution with a tamper resistant and tamper evident chassis that provides protection and policy based automation for the entire key management lifecycle ranging from key generation, key distribution, key archival and ultimately key destruction. Key Authority can support up to 25 million keys used by thousands of cryptographic devices.

• keyAuthority includes support for legacy key management protocols and is the only security hardened solution that supports IBM tape and disk encryption via its native TKLM (Tivoli Key Lifecycle Manager) capability.

Brocade encryption-enabled SAN switches are also supported.

Richard Moulds, vice president, strategy, Thales e-Security, says: "Key management systems protect the keys to the kingdom and therefore become one of the most attractive targets for attackers inside and outside the organization. Our customers recognize the need to deploy systems with enhanced levels of security but quantifying that requirement is notoriously difficult, FIPS 140-2 Level 3 provides a convenient and yet meaningful benchmark. It's easy for vendors to make security claims about their products and therefore this validation of keyAuthority by NIST gives our customers the confidence that they need in order to trust our products with their most valuable digital assets, today and into the future."

Supporting Resources:

• Thales keyAuthority

• Thales e-Security product certifications:

http://www.thales-esecurity.com/company/certifications

• NIST: http://www.nist.gov/index.html

For industry insight and views on the latest key management trends check out our blogs www.thales-esecurity.com/blogs

Follow Thales e-Security on Twitter @Thalesesecurity, LinkedIn, Facebook and YouTube

About Thales e-Security

Thales e-Security is a leading global provider of data encryption and cyber security solutions to the financial services, high technology, manufacturing, government and technology sectors. With a 40-year track record of protecting corporate and government information, Thales solutions are used by four of the five largest energy and aerospace companies, 22 NATO countries, and secure more than 80% of worldwide payment transactions. Thales e-Security has offices in Australia, France, Hong Kong, Norway, United States and the United Kingdom. www.thales-esecurity.com

About Thales

Thales is a global technology leader for the defence & security and the aerospace & transport markets. In 2011 the company generated revenues of €13 billion with 67,000 employees in 56 countries. With its 22,500 engineers and researchers, Thales has a unique capability to design, develop and deploy equipment, systems and services that meet the most complex security requirements. Thales has an exceptional international footprint, with operations around the world working with customers and local partners.

www.thalesgroup.com

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights